As all who work in a professional setting know, data security and integrity are important obligations. In order to protect corporate data, we must secure devices and documents with passwords and store data in approved locations. While following corporate security guidelines is often an inconvenience, the necessity is clear. Much of the data we create and store on corporate networks contains trade secrets, personally identifiable information, or potentially privileged communications and we have an obligation to protect that data on behalf of corporate interests. We also want to avoid any potential bad press as a result of a security breach. Stories of corporate security lapses lead to breaches in trust with our customers, which no corporation wants to face. For these reasons and more, it is clear that corporate security is of critical concern.
Security has traditionally been about defining and securing a perimeter. Whether homesteaders circling their wagons to protect against outside threats or records managers putting corporate documents in a warehouse behind a lock and key, we have always needed to understand what is on the “inside” and where the “outside” begins. From a security perspective, the inside and the outside should never intermingle. In corporate computing security, the concept of defining the perimeter has been relatively straightforward. Computers inside the office and behind the corporate firewall need to be secure, and anything outside of the corporate firewall is considered unsecured. There has traditionally been a clear concept of what is on the inside and what is on the outside. In an Internet-based world, however, identifying the perimeter is becoming a more difficult, if not Sisyphean, task.
Endpoint protection – encryption
Our always-on world and need for responsiveness requires that we use any and all means to access corporate data. As long as we are properly securing our data centers and data transportation, we next need to make sure that our data endpoints are also secure. Endpoints such as iPads, Android phones and laptops are difficult to secure, especially if an organization is deploying a BYOD initiative, in which employees are able to use their personal mobile devices to connect to corporate data. Device encryption and enhanced user identification/authentication are two steps which will immensely help improve endpoint security.